cancel
Showing results for 
Search instead for 
Did you mean: 

MACLOCK preventing unauthorized mac address

MACLOCK preventing unauthorized mac address

Paulo_Silva
New Contributor
Hi.

I want to configure port's B5 (firmware 6.81) something like Cisco port security. I want statically provisioning a mac port lock. I configure this:

set maclock enable
set maclock trap ge.6.30 enable violation
set maclock syslog ge.6.30 enable violation
set maclock static ge.6.30 1
set maclock 00:1d:70:96:8c:1c ge.6.30 create

If an other device with a diferent mac address conect in this port, port go to down.

This way don't work, I tested.

Anyone can help me.

Thks.

10 REPLIES 10

Paulo_Silva
New Contributor
Ronald, I understand.

I have to create each mac address I want to connect in this port.
When a change to happen, I will create a new entry and delete an old mac.

set maclock 00:0e:08:d4:c7:9f ge.6.30 create
set maclock 00:1d:70:96:8c:1c ge.6.30 create

What do you think? Is it correct?

Paulo_Silva
New Contributor
I did this, but don't clear.

If I configure port firstarrival 0, the device with this mac don't work.

SW_B5_7B(su)->show mac port ge.6.30
No entries found.

Thks again for your help.

Ronald_Dvorak
Honored Contributor
You could clear the violation with this command....

G3(su)->clear maclock violation disable-port ge.1.8

Paulo_Silva
New Contributor
Hi, Ronald.

Another help.

Look what has happened. The mac address marked "last violation" not connected, like this mac address is prohibited.

1f530a86335641129f546322d89d1ccc_RackMultipart20160118-19196-58i7jf-Sele__o_112_inline.png



Do you know, how can I clear this entry?

GTM-P2G8KFN